Merge pull request #77 from lightstep/jason/LS-59631/add-opamp-bridge…

…-kube-otel-stack [LS-59631] add opamp bridge to kube-otel-stack to match otel-cloud-stack
lightstep · Mar 21, 2024 · b4599e8 · b4599e8
2 parents 5deb1eb + a4263a0
commit b4599e8
Show file tree

Hide file tree

Showing 5 changed files with 247 additions and 1 deletion.
diff --git a/charts/kube-otel-stack/Chart.yaml b/charts/kube-otel-stack/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v2
 name: kube-otel-stack
 description: Chart for sending Kubernetes metrics to Lightstep using the OpenTelemetry Operator.
 type: application
-version: 0.4.2
+version: 0.5.0
 appVersion: 0.91.0
 dependencies:
 # cert manager must be manually installed because it has CRDs

diff --git a/charts/kube-otel-stack/templates/_helpers.tpl b/charts/kube-otel-stack/templates/_helpers.tpl
@@ -93,3 +93,29 @@ heritage: {{ $.Release.Service | quote }}
   {{- $userValue := index . 3 -}}
   {{- include "kube-otel-stack.kubeVersionDefaultValue" (list $values ">= 1.23-0" $insecure $secure $userValue) -}}
 {{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "opentelemetry-opamp-bridge.fullname" -}}
+{{- if .fullnameOverride }}
+{{- .fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.opAMPBridge.name }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+
+{{/*
+Create the name of the clusterRole to use for the opampbridge
+*/}}
+{{- define "opentelemetry-opamp-bridge.clusterRoleName" -}}
+{{- printf "%s-bridge" .Release.Name  }}
+{{- end }}
diff --git a/charts/kube-otel-stack/templates/bridge.yaml b/charts/kube-otel-stack/templates/bridge.yaml
@@ -0,0 +1,184 @@
+{{- if .Values.opAMPBridge.enabled }}
+apiVersion: opentelemetry.io/v1alpha1
+kind: OpAMPBridge
+metadata:
+  name: {{ include "opentelemetry-opamp-bridge.fullname" $ }}
+  labels:
+    {{- include "kube-otel-stack.labels" $ | indent 4 }}
+    {{- with $.Values.opAMPBridge.labels }}
+    {{- range $key, $value := . }}
+    {{- printf "%s: %s" $key (tpl $value $ | quote) | nindent 4 }}
+    {{- end }}
+    {{- end }}
+  {{- with $.Values.opAMPBridge.annotations }}
+  annotations:
+    {{- range $key, $value := . }}
+    {{- printf "%s: %s" $key (tpl $value $ | quote) | nindent 4 }}
+    {{- end }}
+  {{- end }}
+spec:
+  {{- if $.Values.opAMPBridge.endpoint }}
+  endpoint: {{ $.Values.opAMPBridge.endpoint }}
+  {{- end }}
+  {{- with $.Values.opAMPBridge.headers }}
+  headers:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- with $.Values.opAMPBridge.capabilities }}
+  capabilities:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- with $.Values.opAMPBridge.componentsAllowed }}
+  componentsAllowed:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- with $.Values.opAMPBridge.nodeSelector }}
+  nodeSelector:
+   {{- toYaml . | nindent 4}}
+  {{- end }}
+  {{- if $.Values.opAMPBridge.replicas }}
+  replicas: {{ $.Values.opAMPBridge.replicas }}
+  {{- end }}
+  {{- if $.Values.opAMPBridge.serviceAccount }}
+  serviceAccount: {{ $.Values.opAMPBridge.serviceAccount }}
+  {{- end }}
+  {{- if $.Values.opAMPBridge.image.digest }}
+  image: "{{ $.Values.opAMPBridge.image.repository }}@{{ $.Values.opAMPBridge.image.digest }}"
+  {{- else }}
+  image: "{{ $.Values.opAMPBridge.image.repository }}:{{ $.Values.opAMPBridge.image.tag | default $.Chart.AppVersion }}"
+  {{- end }}
+  {{- if $.Values.opAMPBridge.upgradeStrategy }}
+  upgradeStrategy: {{ $.Values.opAMPBridge.upgradeStrategy }}
+  {{- end }}
+  {{- if $.Values.opAMPBridge.imagePullPolicy }}
+  imagePullPolicy: {{ $.Values.opAMPBridge.imagePullPolicy }}
+  {{- end }}
+  {{- if $.Values.opAMPBridge.hostNetwork }}
+  hostNetwork: {{ $.Values.opAMPBridge.hostNetwork }}
+  {{- end }}
+  {{- if $.Values.opAMPBridge.priorityClassName }}
+  priorityClassName: {{ $.Values.opAMPBridge.priorityClassName }}
+  {{- end }}
+  {{- with $.Values.opAMPBridge.securityContext }}
+  securityContext:
+   {{- toYaml . | nindent 4}}
+  {{- end }}
+  {{- with $.Values.opAMPBridge.podAnnotations }}
+  podAnnotations:
+   {{- toYaml . | nindent 4}}
+  {{- end }}
+  {{- with $.Values.opAMPBridge.resources }}
+  resources:
+   {{- toYaml . | nindent 4}}
+  {{- end }}
+  {{- with $.Values.opAMPBridge.affinity }}
+  affinity:
+   {{- toYaml . | nindent 4}}
+  {{- end }}
+  {{- if $.Values.opAMPBridge.tolerations }}
+  tolerations:
+  {{- with $.Values.opAMPBridge.tolerations }}
+  {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- end }}
+  {{- if $.Values.opAMPBridge.volumes }}
+  volumes:
+  {{- with $.Values.opAMPBridge.volumes }}
+  {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- end }}
+  {{- if $.Values.opAMPBridge.topologySpreadConstraints }}
+  topologySpreadConstraints:
+  {{- with $.Values.opAMPBridge.topologySpreadConstraints }}
+  {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- end }}
+  {{- if $.Values.opAMPBridge.volumeMounts }}
+  volumeMounts:
+  {{- with $.Values.opAMPBridge.volumeMounts }}
+  {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- end }}
+  {{- if $.Values.opAMPBridge.ports }}
+  ports:
+  {{- with $.Values.opAMPBridge.ports }}
+  {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- end }}
+  env:
+  {{- with $.Values.extraEnvs }}
+  {{- toYaml . | nindent 4 }}
+  {{- end }}
+    - name: OTEL_K8S_NODE_NAME
+      valueFrom:
+        fieldRef:
+          fieldPath: spec.nodeName
+    - name: OTEL_K8S_NAMESPACE
+      valueFrom:
+        fieldRef:
+          apiVersion: v1
+          fieldPath: metadata.namespace
+    - name: OTEL_K8S_POD_NAME
+      valueFrom:
+        fieldRef:
+          apiVersion: v1
+          fieldPath: metadata.name
+    - name: OTEL_K8S_POD_UID
+      valueFrom:
+        fieldRef:
+          apiVersion: v1
+          fieldPath: metadata.uid
+    - name: OTEL_K8S_POD_IP
+      valueFrom:
+        fieldRef:
+          apiVersion: v1
+          fieldPath: status.podIP
+    - name: OTEL_RESOURCE_ATTRIBUTES
+      value: "k8s.cluster.name={{ $.Values.clusterName }}"
+  {{- with $.Values.opAMPBridge.env }}
+  {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- if $.Values.opAMPBridge.envFrom }}
+  envFrom:
+  {{- with $.Values.opAMPBridge.envFrom }}
+  {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- end }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ include "opentelemetry-opamp-bridge.clusterRoleName" . }}
+rules:
+  - apiGroups:
+      - opentelemetry.io
+    resources:
+      - opentelemetrycollectors
+    verbs:
+      - "*"
+  - apiGroups:
+      - ""
+    resources:
+      - pods
+    verbs:
+      - 'list'
+      - 'get'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ include "opentelemetry-opamp-bridge.fullname" . }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: "{{ include "opentelemetry-opamp-bridge.clusterRoleName" . }}"
+subjects:
+  - kind: ServiceAccount
+    # quirk of the Operator
+    {{- if $.Values.opAMPBridge.serviceAccount }}
+    name: "{{ $.Values.opAMPBridge.serviceAccount }}"
+    {{- else }}
+    name: "{{ (include "opentelemetry-opamp-bridge.fullname" .) }}-opamp-bridge"
+    {{- end }}
+    namespace: "{{ $.Release.Namespace }}"
+{{- end }}
diff --git a/charts/kube-otel-stack/templates/collector.yaml b/charts/kube-otel-stack/templates/collector.yaml
@@ -11,6 +11,11 @@ metadata:
     {{- toYaml . | nindent 4}}
   {{- end }}
   labels:
+    {{- if and $.Values.opAMPBridge.enabled $.Values.opAMPBridge.addReportingLabel }}
+    opentelemetry.io/opamp-reporting: "true"
+    {{- else if and $.Values.opAMPBridge.enabled $.Values.opAMPBridge.addManagedLabel }}
+    opentelemetry.io/opamp-managed: "true"
+    {{- end }}
     {{- include "kube-otel-stack.labels" $ | indent 4 }}
 spec:
   mode: {{ $collector.mode }}

diff --git a/charts/kube-otel-stack/values.yaml b/charts/kube-otel-stack/values.yaml
@@ -1242,3 +1242,34 @@ prometheus-node-exporter:
     ## If true, create PSPs for node-exporter
     ##
     pspEnabled: false
+
+opAMPBridge:
+  enabled: false
+  # Adds `opentelemetry.io/opamp-reporting: true` to all collectors
+  addReportingLabel: true
+  # Adds `opentelemetry.io/opamp-managed: true` to all collectors
+  addManagedLabel: false
+  image:
+    repository: ghcr.io/open-telemetry/opentelemetry-operator/operator-opamp-bridge
+    tag: "0.96.0"
+  endpoint: "wss://opamp.lightstep.com/v1/opamp"
+  headers:
+    "Authorization": "bearer ${LS_OPAMP_API_KEY}"
+  env:
+    - name: LS_OPAMP_API_KEY
+      valueFrom:
+        secretKeyRef:
+          key: LS_OPAMP_API_KEY
+          name: otel-opamp-bridge-secret
+  capabilities:
+    AcceptsOpAMPConnectionSettings: true
+    AcceptsOtherConnectionSettings: true
+    AcceptsRemoteConfig: true
+    AcceptsRestartCommand: true
+    ReportsEffectiveConfig: true
+    ReportsHealth: true
+    ReportsOwnLogs: true
+    ReportsOwnMetrics: true
+    ReportsOwnTraces: true
+    ReportsRemoteConfig: true
+    ReportsStatus: true